The Council's five founding global payment brands -- American Express, Discover Financial Services, JCB International, MasterCard, and Visa Inc. -- have agreed to incorporate the PCI DSS as the technical requirements of each of their data security compliance programs. Each founding member also recognizes the QSAs, PA-QSAs and ASVs certified by the PCI Security Standards Council.

All five payment brands, along with Strategic Members, share equally in the Council's governance, have equal input into the PCI Security Standards Council and share responsibility for carrying out the work of the organization. Other industry stakeholders are encouraged to join the Council as Strategic or Affiliate members and Participating Organizations to review proposed additions or modifications to the standards.

On this website you'll find useful information about the PCI Security Standards Council, the PCI DSS requirements for merchants, vendors and security consulting companies, and the Council's certification and merchant support services, all created to mitigate data breaches and prevent payment cardholder data fraud.

Note that enforcement of compliance with the PCI DSS and determination of any non-compliance penalties are carried out by the individual payment brands and not by the Council. Any questions in those areas should be directed to the payment brands.

The PCI Security Standards Council (the "Council")
provides a variety of tools, questionnaires, guidance, FAQs,
training resources and other materials and information to assist
organizations seeking to achieve compliance with its standards
(the "Standards"). Third party products and services are also
available, but the Council does not endorse or recommend any
such third party products or services, and advises all
organizations seeking to achieve compliance to become familiar
with the Standards and related requirements before purchasing third party products or services.
Ultimately, all applicable requirements must be met in order to achieve compliance,
regardless of whether or what third party products or services
are used.